Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
Analysis
-
max time kernel
94s -
max time network
146s -
platform
windows10-2004_x64 -
resource
win10v2004-20240704-en -
resource tags
arch:x64arch:x86image:win10v2004-20240704-enlocale:en-usos:windows10-2004-x64system -
submitted
09/07/2024, 14:48 UTC
Static task
static1
Behavioral task
behavioral1
Sample
30cfdf2765dc1be9d12893a0489ffa4a_JaffaCakes118.exe
Resource
win7-20240705-en
Behavioral task
behavioral2
Sample
30cfdf2765dc1be9d12893a0489ffa4a_JaffaCakes118.exe
Resource
win10v2004-20240704-en
General
-
Target
30cfdf2765dc1be9d12893a0489ffa4a_JaffaCakes118.exe
-
Size
138KB
-
MD5
30cfdf2765dc1be9d12893a0489ffa4a
-
SHA1
a333e5f975c623583e11c2958cd53d2aaf7577b9
-
SHA256
10c08643ad2b5459da86df8c171e374fe582bce60333ac8bf2abef29da68ca2c
-
SHA512
fd6361ca8676dce42d6e35c15e5c62b58b4dc4381850be79d80359c6847a07899b05ef2aa3de816e654996f394d2307505448583b3d60be406a6818c21e675f6
-
SSDEEP
3072:/caqyte6sV77snHLLxt0ZyaXOqdPNbnhW4IxZx5kCZuubFrhU1wKKrONmE:/caBty77snHRisY7PNNW4IxZ7zbC0rOf
Malware Config
Signatures
Processes
Network
-
Remote address:8.8.8.8:53Request74.32.126.40.in-addr.arpaIN PTRResponse
-
Remote address:8.8.8.8:53Request81.144.22.2.in-addr.arpaIN PTRResponse81.144.22.2.in-addr.arpaIN PTRa2-22-144-81deploystaticakamaitechnologiescom
-
Remote address:8.8.8.8:53Request103.169.127.40.in-addr.arpaIN PTRResponse
-
Remote address:8.8.8.8:53Request56.126.166.20.in-addr.arpaIN PTRResponse
-
Remote address:8.8.8.8:53Request0.204.248.87.in-addr.arpaIN PTRResponse0.204.248.87.in-addr.arpaIN PTRhttps-87-248-204-0lhrllnwnet
-
Remote address:8.8.8.8:53Request11.227.111.52.in-addr.arpaIN PTRResponse
-
71 B 157 B 1 1
DNS Request
74.32.126.40.in-addr.arpa
-
70 B 133 B 1 1
DNS Request
81.144.22.2.in-addr.arpa
-
73 B 147 B 1 1
DNS Request
103.169.127.40.in-addr.arpa
-
72 B 158 B 1 1
DNS Request
56.126.166.20.in-addr.arpa
-
71 B 116 B 1 1
DNS Request
0.204.248.87.in-addr.arpa
-
72 B 158 B 1 1
DNS Request
11.227.111.52.in-addr.arpa